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Errata in a Nutshell 
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a: a list of corrigenda i. 


* corrigendum \kor-e'jen-dem\ n 


a: an error in a printed work discovered after printing 
and shown with its correction on a separate sheet 
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The Errata project is basically a list of mistakes and transgressions related to the 
information security industry. This ranges from ironic blunders to cases of plagiarism as 
well as full write-ups of people or companies we feel are charlatans. 

We cite as much evidence as possible on Errata, to back our opinions and make a case or 
tell a story. It is up to the reader to decide the accuracy of both sides and make a 
decision. We encourage everyone to verify what a charlatan says, as well as what we say. 



Disclaimer 

We do this because we feel it needs to be done, and no one else is doing it. Our 
intent is to help the security industry . This project is not rooted in bias or contempt 
for any person or individual. That said, we can be opinionated just like the next 
person. Especially the jerk presenting right now. 


By listening to presenter, you agree to be bound by all of the terms and conditions below, which are intended to be fully effective 
and binding upon all BlackHat attendees. By watching this presentation, you agree not to hold us responsible for anything. And 
we mean anything. Ever. All material, opinions, insults, rants, and nervous breakdowns are solely on behalf of the presenter, not 
his employer, past employers, attrition.org staff, squirrels, probation officer, AA sponsor, physical therapist, favorite dealer, or 
family that has since disowned him. Still not responsible. By watching this presentation, you hereby agree to never malign small 
misunderstood creatures (e.g. squirrels, moles, voles, chinchillas, chipmunks, otters, possums, guinea pigs, alpacas, hedgehogs, 
sloths, aardvarks, nutria, capybara, porcupines, stoats, pygmy jerboas, prairie dogs, dormouse, turtles, ducklings, and pika). By 
sitting in this room, you further agree to praise the glory of llamas, mini pigs, goats, and sheep. Presentation may contain peanuts. 
For external use only. Nutrition information not available. Terms are subject to change without notice. Keep presenter out of 
reach of children, adults, and charlatans. Do not feed presenter after midnight. Hand wash only, tumble dry on low heat. 

Warning: presenter may become slippery if Vaseline liberally applied. Presenter not a contraceptive device. Presenter not 
approved by FAA regulations. Reader assumes full responsibility. Professional driver, closed course. Disclaimer may not be up to 
date. Still not responsible. No money down. No purchase necessary. Call before you dig. If you are reading this disclaimer by 
mistake, please destroy all copies, don't share this valuable information, and then gouge your eyes out for being in the wrong 
conference. Mileage may vary. Objects in presentation are bigger than they appear. Everything is true to the best of our 
knowledge. God kills a lawyer every time someone reads a legal disclaimer. Remember to spay or neuter your pets. This 
agreement shall be deemed to be an agreement entered into in the state of Colorado (or Guam). The laws of rational thinking and 
ethics shall govern this agreement. Complaints may be directed to the hostile, armed squirrel bodyguard. All sales are final. If 
rash, irritation, redness, or swelling develops, discontinue reading. Allow four to six weeks for delivery. Other restrictions or 
restraints may or may not apply. 



Who Polices the Industry? 


•Anonymous? APTs? (Any means necessary...) 

•Professional Groups e.g. (ISC) 2 ? (Fear the code of ethics...) 
•Journalists? (Not for a long time...) 

•Bloggers? (Random acts of errata...) 

•Publishers? (Can't hear us over their bottom line...) 

•The Law e.g. Attorney General (Their plates are full...) 

•You should! 


Guess that leaves us in the meantime, until someone better comes along. 


Errata Staff 


cji - Senior Irony Analyst 

•Watches more cartoons than his 6 year old 
•Started dozens of RPGs. Finished none. 

•Writes more Errata than code 

Lyger - Volunteer Herder (Ret.) 

•Collector of former Denver Bronco QB Jerseys 
•Proud owner of Keurig and Cuisinart whole bean grinder 
•Really does believe that InfoSec = professional wrestling 


Jericho - Chief Curmudgeon Officer 

•Has rescued 9 guinea pigs from Colorado shelters 

•Would piss on a spark plug if he thought it would do any good 

•Wouldn't mind seeing InfoSec industry burn to the ground 




Errata Staffing Problem 





Attrition.org Background 



Buck 


Lazio 




Errata All Around Us 


Per Wikipedia, "the general definition 
of an audit is an evaluation of a person, 
organization, system, process, 
enterprise, project or product." 

In layman's terms, Errata is an audit of 
sorts, or "we find bad shit". 
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Errata Coping Mechanisms 










A Brief History of Errata 
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errata \e T rat-e\ n 

a: a list of corrigenda 

corrigendum \kor-e f jen-dem\ n 

a: an error in a printed work discovered after printing 

and shown with its correction on a separate sheet 


Welcome to the Security Errata Page. 

Check back frequently as information is continually being added. 

This page exists to enlighten readers about errors, lies, and charlatans in the computer security industry. With media 
running rampant and insufficient checks and balances for their reporting in place, the general population has been 
mislead about everything from hackers to viruses to 'Information Warfare' to privacy. 

People often ask why we are so critical about articles, or focusing on a single paragraph of a larger article. 
Regardless of the size or frequency of errors, they can be viewed as single bricks. The more people read these bricks, 
the more they begin to see the entire wall. After reading the same errors or omissions from several news sources, the 
information makes an amazing transition from 'unbiased news' to 'gospel'. The notion that it is 'unbiased news' in the 
first place is just as ludicrious, but a fact of life. 


April, 2012 

(fancy HTML tables) 


The contents of these pages are OUR opinions and observations only. If you wish to mail us regarding any of this, feel 
free. That includes disagreements, errors in our assessment, new information, or anything else. We will strive to keep 
an unbiased page that deals more with fact than opinion. 


The Media 


August, 2000 

(<pre> tags Own) 



Certified Pre-owned 

Companies that ship malware with new products. 

CD 

Legal Threats 

Threat of legal action against securin' researchers. 

* • 

Autofoil 

Securin' companies and auto update mechanisms that faded. 


Charlatans 

Public figures, media whores, and people working in the industry who aren’t the experts they claim. 



Plagiarism 

Instances of plagiarism by those in the security industry. 

- i 
i . 

cm 

Security Companies 

Companies that provide security products and services, while failing to maintain their own security. 


Security Companies that Spam 




Other Company Incidents 

Non-security companies that had security incidents that should be known to their customers. 
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Statistics 

Questionable or incorrect statistics on security and computer crime. 
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Charlatans 
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Stats - CPO 


(Certified Pre-Owned) 
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Stats - AutoFail 

(By Vendor) 
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btats - Legal 
Threats 
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Stats - Legal Threats 


4/ Carrier IQ 

First State Superannuation 

✓ Trans Link Systems 

Magix AG 

✓ RSA 

✓ Orange.fr 

? Massachusetts Bay Transit Authority 
NXP (formerly Philips Semiconductors) 
Autonomy Corp., PLC 

BeThere (Be Un limited) 

✓ 


TippingPoint Technologies, Inc. 

Sybase, Inc. 

Hewlett-Packard Development Company, 
L.P. (HP) 

Adobe Systems Incorporated 
✓ Tegam International Viguard Antivirus 

Secure Digital Music Initiative (SDMI), 
Recording Industry Association of America 
(RIAA) and Verance Corporation 
Motion Picture Association of America 
(MPAA) & DVD Copy Control Association 
* (DVD CCA) 


Stats - Legal 
Threats 



2005 (Jan) - 3COM acquires TippingPoint 

2005 (Jul) — TippingPoint founds Zero Day Initiative (ZDI) 

2007 - TippingPoint tries to quiet David Maynor / ErrataSec for reversing TP IDS 
signatures. Pressured Errata to cancel talk, had FBI show up at their office. 

2009 - HP acquires 3COM 


See the irony yet? It went full circle... 

HP tries to DMCA vulnerability research, then buys 
3COM which owns TippingPoint, which founded ZDI 
who buys exploits from researchers and will release 
information w/o a vendor fix between 15 days (if no 
vendor ACK) and 6 months (maximum). And HP is 
known for ~ 1000 days w/o patching, even simple XSS. 
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Stats - Plagiarism 



HOW TO BKCOMV THR WORLD 
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Stats - Plagiarism (todo) 


Not pictured 
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Virus l«*ft I IDM 



Ethical Hacker 


Customer Relationship Managem 


HACKING MOBILE PHONES 
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Stats - 
Security 

Companies 




InfoSec News 
InfoSec News 


[ISN] Unencrypted AT&T laptop stolen, details of managers' pay lost - http^/www.compu 
[ISN] AT&T Launches Encryption Services to Help Businesses Secure E-Mail and Data 
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Stats - Spam 
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Stats - 
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Errata Done Right: Dataloss 


•Original concept in 2001 

•Implemented on attrition.org in 2005 

•Project moved to Open Security Foundation (OSF) in 2008 


Date: Wed, 18 Apr 2001 19:57:03 -0600 (MDT) 

From: security curmudgeon <jericho@attrition.org> 

To: errata submission <errata@attrition.org> 

Message-ID: Pine.LNX.3.96.1010418195610.108490-100000@forced.attrition.org 
X-Copyright: This e-mail copyright 2001 byjericho@attrition.org where applicable 
X-Encryption: rot26 

we need a new section (and i have several saved pieces for it) that list 
companies who exposed CC numbers and the like, whether they are security 
companies or not, i wanna keep a list w/ articles of any of them that 
leaked CC info 


We're not "the popular kids", but when we get stuff done, we do it right. -- Lyger 




Errata Done 

Your secret is safe with us., promise! 

In what has become a regular occurance, companies, universities, and various government entities are collecting y< 
the hands of the bad guys. This is your personal information; name, address, Social Security number, credit ci 
to , it apparently does. Unfortunately, this page is updated quite frequently and the lis 

For a chronological list of data breaches since February 2005, provides additior 

is available for news and discussion about data breaches. Links to articles about data loss ar 


Top Stories 


- [2006-07-12] 

(University CIO resigns position following multiple data breaches) [ ] [ ] 

- [2006-06-29] 

(Laptop recovered - private information of over 26.5 million military veterans) [ ] [ ] [ ] 

- [2006-06-22] 

(Personal and financial information of 110 on stolen laptops) [ ] 


Ten Most Recent 


- [2006-07-18] 

(350 Social Security numbers, names, and addresses on stolen laptop possibly accessed) [ ] 

- [2006-07-16] 

(Web site reveals thousands of individuals' Social Security numbers) [ ] 


■Dedicated site 
■Actual developers (Dave) 
■Extensive metrics 
■Expanded sources of information 
■Anyone can submit 
■Extended classification system 
■Dedicated data input (Dissent) 


Right: Dataloss 

■Database distributed in CSV 
■No native search 
■No metrics 

■Weak classification system 


db 

open security foundation 


About Search Submit New Primary Sources Laws Reports Stats Analysis Mail Lists The Blotter Fringe Supporters 

2010 2011 2012 


ec Oct Nsv Sec Jan c eb Mar Apr May Jun Jul Aug Sep 03 Nsv Dec Jan Feb Mar Apr May Jut JjI Aug Sep Od Ncv Sec Jan ^eb Mar 

Isuppor^ata^ssD^^*" ^Abou^S^^at^^s^^^ 


needs your support! You can support OSPs DataLossDB in several ways, such as contributing 
news articles about data loss incidents or by updating older incidents as new information becomes 
available. Financial donations, which will support hosting, hardware upgrades, and advertising are 
also appreciated. 



I Sony had HOW many breaches? 


2011-06-05 by Dissent 

We thought keeping track of entities involved in the Epsilon 
breach was tough, but the recent spate of attacks on Sony 
networks has us working overtime trying to update the 
database. Thankfully, Jericho provided yeoman service and 
compiled a hyperlinked chronology of recent developments . 


The Sony breaches have generated a lot of discussion. v^/ 

Some of it has centered on Sony's shocking failure to 
encrypt passwords and it being all-too-vulnerable to SQLi compromises (if those 
posting the data publicly are accurate as to how they compromised certain 
databases). Sony undoubtedly has a lot of explaining to do if it hopes to have future 
assertions of industry-standard security taken seriously. 

To date, the two largest incidents affected over 100 million records. But were the 
PSN and Sony Online Entertainment (SOE) attacks two separate incidents or were 
they really one breach? Should DataLossDB.org have recorded one breach with over 
100 million affected, or two incidents involving 77 million and 24.6 million, 
respectively? Or should we just treat the last 45 days’ incidents as one #EPIC #FAIL 
and one big incident? In light of our mission to track unique breaches, the question 
is not trivial. 

When news of the second incident broke, the first thought was to update the PSN 
entry and add another 24.6 million to that counter. But as more details emerged, it 
seemed clear that we should treat it as a separate incident The attack had occurred 
on different days than the PSN attack, the data compromised were on different 
networks, it seems quite likely the different networks had different security measures 


DataLossDB is a research project aimed at documenting known and reported data 
loss incidents world-wide. The effort is now a community one, and with the move to 
Open Security Foundation's DataLossDB.org, asks for contributions of new incidents 
and new data for existing incidents. For any questions about this site or the data 
contained within the site, please contact curators@datalossdb.ora . 

opensecurityfoundation events calendar I 


I Latest Incidents 


RECORDS 

DATE 

ORGANIZATIONS 

7.000 

2012-04-20 

University of Arkansas for Medical Sciences 

0 

2012-04-20 

PricewaterhouseCoopers, Under Armour Inc. 

228.435 

2012-04-19 

South Carolina Department of Health and Human 

Services 


2012-04-19 

CIGNA Healthcare Corp. 

0 

2012-04-19 

Rex D. Smith, DPM 

0 

2012-04-19 

The Commercial Bank 

_ 0 

2012-04-18 

Brecon Beacons National Park Authority 

315.000 

2012-04-18 

Emory University Hospital, Emory University Hospital 
Midtown (Emory Crawford Long Hospital), Emory Clinic 
Ambulatory Surgery Center 

18 

2012-04-17 

Leicestershire County Council 

20 

2012-04-17 

Toshiba Information Systems (UK) Ltd 


Search 


Largest Incidents 

































































Confronting Charlatans 



Blowback 

an unforeseen and unwanted effect, result, or set of repercussions 






Blowback - Schlossberg 


From: Louis Cipher (loucifer@s-mail.com) 
Date: Sat, 27 Aug 2011 05:52:24 +0000 
Subject: you are full of shit 


Hello It appears you don't want anyone to put a locate on you. I would hazzard a guess you don't want to be served 
with a suit. There are many ways to accomplish this. You have been a digital bully to long. I think 2011 and 2012 are 
going to be interesting years for you, legally that is. I look forward to a summary judgment(with a fraud component, 
to prevent discharge in bankruptcy) followed by levies, garnishments, etc etc etc. I hope you have saved up some 
serious money, as you will need it for legal defense, unless of course you elect to go pro se or get some meatball 
attorney to go pro bono. You will probably publish this email, and give a specious rant as to whatever BS you can 
conjure up. 


•Gramps, take it easy on me, I wouldn't want to get help from some of my friends. 
•... and I still don't, but I do look forward to meeting you. 

•Everybody has to pay their taxes, do you. 


You now have some Israeli groups interested in who the f_ck you are, good luck. 




Blowback 


min . . 

HIGH-TECH BRIDGE 

INFORMATION SECURITY SOLUTIONS 


From: "Droz Johan (PJ)" johan.droz@justice.ge.ch 
To: '"stafffSattrition.org" 1 <staff@attrition.org> 

Date: Tue, 10 Apr 2012 09:42:28 +0000 
Subject: Criminal proceeding against attrition.org 

Dear Sirs, 

I am in charge of a criminal proceeding against the persons behind attrition.org and "Jericho" in particular. 

The criminal complaint was deposited by High-Tech Bridge SA. 

Could you please give me the names of the persons who manage the internet site and their adress, in order for 
me to be able to have them heard. 

Thank you in advance 

Johan DROZ, Procureur Set I 
Ministere public 

Route de Chancy 6B, case postale 3565 
CH-1211 Geneve 3 

Tel +41 22 327 64 64 - Fax +41 22 327 65 00 




Blowback- Evans 


Case 1:11 -cv-00458-WSD Document 1 Filed 02/15/11 Page 1 of 35 


IN THE UNITED STATES DISTRICT COURT 
FOR THE NORTHERN DISTRICT OF GEORGIA 
ATLANTA DIVISION 


HIED IN CLERKS OFFICE 

US.D C - Adtnta 

FEB 1 5 2011 


GREGORY D. EVANS, LIGATT 
SECURITY INTERNATIONAL, 
INC, and SPOOFEM.COM USA 
INC., 

Plaintiffs, 

vs. 

JOHN DOES 1-8, 

Defendants. 


§ 

§ 

§ CIVIL ACTION NO. , - Q 

111 - CTTT558 

§ 

§ FILED UNDER SEAL 

§ 

§ 

§ 

§ 

§ 


VERIFIED COMPLAINT FOR INJUNCTIVE 
RELIEF. DAMAGES AND DEMAND FOR IURY TRIAL 


11. Upon information and belief, John Doe 5 is an individual that owns, 
operates, administers, uses or maintains a website located www.attrition.org and 
uses an account at the real-time information network provided at 
www.twitter.com under the alias "attritionorg" (the "Attrition Twitter Page"). 







Blowback- Evans 


From: Gregory Evans gregoryevans@ligatt.com 
Date: Mon, 25 Oct 2010 19:20:12 
To: [redacted] 

Subject: Re: [SPAM] Re: [SPAM] Fw: Manhattan lease app 
1st. I do not want to rent your place. 

2nd. You or who ever pulled this thing up is very ignorant. This is not a investor website it is racist hacker 
website. This is the same site if you go through it that called me niggers and niggers don't no computers. It is 
also a site that says they need +to hack all Jews technology companies. The information they posted on this 
board is false!!!!! 

3rd. My mom was going to rent the place as a second home not me or a company. Your rent is is only $1900 a 
month, add $500 on to that an it still would not be one of my car payments. 

4. What you should have did is went to CNN or Forbes and looked it....dumb! 

5. See this just prove my point, that know matter what race or education background you may have there are 
still can be a just a dumb ass! 

6.1 will be posting this to my 50,000 + twitter followers and my >5,000 facebook fans. This is soooooooo funny 
to me. You went and pulled up a racist website. 



Blowback - Medica 


EDWARD B. MAGARIAN 
(612) 340-7873 
FAX (612) 340-2807 

magarian.edward@dorsey.cofn 


January 12. 2007 


VIA ELECTRONIC SUBMISSION 

www.attrition.org 

Re: Medica Health Plans and Your Web Site attrition.org 

Dear attrition.org: 

I have been retained by Medica Health Plans ("Medica") in connection with false and 
defamatory statements we learned you published about my client which can be found at 
http://attrition.org/dataloss; http://attrition.org/dataloss/dldos.html; and 
http://attrition.org/dataloss/dataloss.csv (see item #110). I am sending this letter to the contact 
on your website because it appears to be your preferred method of communication. 

You have published and continue to publish to this day statements that Medica had a 
data loss on June 29, 2005 affecting 1,200,000 members related to "fraud." This defamatory 
information has been picked up by other websites including www.emergentchaos.com. These 
statements which have been republished are simply false and defamatory. 


This is not our first trip to the legal threat rodeo, sir. 

Jared E. Richo 

attrition.org 





happy hacker HackerHappy 

jericho. attrition org twitpic.com/7u3d6u 
dP View photo 


happy hacker HackerHappy 

attrition twitpic com/7u3cbu 
dP View photo 


attrition.org: Brian Martin's (jericho) cri 
justice 


If you have been blackmailed or denigrated by attrition.org / securii 
Marin) - do not hesitate to make a legal lawsuit against him: 


happy hacker HackerHappy 

Brian Martin, jericho twitpic com/7u3bvf 
dP View photo 




Real name: Mr. Brian Keith Martin. 


Born on: April 1973 in South Carolina. 

Currently resides at: 12646 West Virginia Avenue, Denver 80228, CO, 
Place of work: consultant at Tenable Network Security" since 2008. 
Work email: bmartin@tenable.com 


United States. 


From: happy-hacker@atrition.org 


To: [long list of security people] 

Date: Thu, 15 Dec 2011 05:23:04 -0600 (CST) 

Subject: Brian Martin's (jericho) crimes and frauds exposed for justice 


Blowback - 'Hacker Happy' 


TVveets 


happy hacker :§HackerHappy 20 Dec 

@tenablesecurity atrittion.org Do you hire criminals on purpose or 
just fail to perform due diligence? 4 ® ©. _ 


aIrition.org 


atrition.org 






Blowback - Kimble 

From: Kim Schmitz <kim@kimvestor.com> 

X-Sender: kim@194.221.6.35 
To: security curmudgeon <jericho@attrition.org> 

Date: Mon, 22 Oct 2001 16:04:47 +0100 
Subject: Re: Terrorist cell operating from attrition.org 

i think you will soon hate me even more, 
have a suprise for you, be prepared, 
ciao 
K. 

In reply to the original YIHAT mail: good job, they are fucked soon! 

In reply to my taunting him: you make it even worse ;-) 

In reply to Comega taunting him:;-) words words words... i dont talk, i do. 



Further reply to Comega: i can only smile about you my cute little boy;-) 



Blowback - Kimble 


From: Kim Schmitz <kim@kimvestor.com> 

X-Sender: kim@194.221.6.35 
To: Cancer Omega comega@attrition.org 
Date: Wed, 24 Oct 2001 08:27:08 +0100 
Subject: kimble on attrition.org 

Thank you so much... i honestly love your dedication, 
please go on and find more "burn the witch" material. 

The funny thing is, i am sitting here in my 10 million 
dollar penthouse with a pretty girl and a milkshake 
and cant stop laughing about you guys, i Own you!!! 

and yes i hacked a military laser satellite and yes 
i am going to burn you and your friends to hell... 

and hey, report this to authorities aswell, fuxOr;-) 
please release this on your site!!! 


LOL 

Kimble 




Blowback - DDoS 




EC-Council 


Blowback 
The Rest 



Attrition Org 

(£ attrition__org 

attritionorg.wordpress.com/ staff share this account, if we follow 
you, we ready like you... or we really dislike you. 


TWeet to Attrition Org 

@attrition_org 




TVveets 


Attrition Org a attritionsrg 14 Apr 

| org supports SOPA. If you sing a song, you are copying it. 


Attrition Org attrition_org 
[I 5inb Sorry. can't read 

4* In reply to Hussein Badakhchani 


14 Apr 


Attrition Org a attritionsrg 14 Apr 

I mi "getting data" is the easy part, we steal it. "getting 

meaningful data" is the tricky part, we dont understand it. (Bcc 

@mikko) 

Attrition Org @attrition_org 14 Apr 

[j Composers shouldn't think too much - it interferes with their 
plagiarism, attrition.org/errata/wish_li email me. 


C£ Of Y MT 


* ^attritionorg who is lying & who is 
> justifying will be cleared soon, secure ur 


• teamgreyhat, [+] Wed 16 May 15:54 via web in reply to„ 

A. @teamqreyhat Wait, so you lying about 
something is us "going too far"? You guys 
don't seem very bright. 

attritionorg, [+1 Wed 16 May 15:54 via TweetDeck in reply to 

* x ^attritionorg now u have gone 2 far its a 
I ® i matter of greyhat community ^target 
secu rityerrata eng ag ed. 

290 

teamgreyhat, [+] Wed 16 May 15:53 via web in reply to- 

@teamqreyhat Bidding or not you are 
obviously lying about who is involved in it. 
Integrity escapes you all. 


( ^attritionorg also ft THN ft Ankitfadia ft cat 
ft Manu Infosec Institute are on the biding 
now ur value is $250 


teamgreyhat 


0 ^ ^teamgreyhat By "plenty of reports", you 
mean the same person from VoGH who 
cried about our article? 


>norg, [+] Wed 16 May 15:48 via TweetDeck in reply to 

( ^attritionoro we got pIenty of reports 
) against you.... in hacker bate IRC room your 
site is on 200 USD, so get ready for a gang 
1 rape 

reyhat, [+] Wed 16 May 15:47 via web in reply to„ 

^teamgreyhat Don't have a sister. Is this 
some vague threat of retaliation for 
exposing @VoiceQfGrevHat ? 

>nong, [+] Wed 16 May 1536 via TweetDeck in reply to 

( ^attrition oro @ securitverrata ask your 
> sister what is ^Teamgreyhat 


teamgreyhat, [+] Wed 16 May 1535 \ 








sted twitter. com/cattechie/statuses/206068 589063716864 




Cat Techie 

<5>cattechie 


^0 Follow 


My Lovely Puppy Jericho has grown big 
now, except the habit of barking he is cute 
otherwise pic.twitterxom/VT704kkc 

^ Reply Retweet ★ Favorite 



Blowback 

The 

(scary) 

Rest 


James Attrition 

@JamesAttrition a 

crusader against fraudulent people,hate moral custodians,hate the 
hungry publicity seekers at the cost of bigwigs of societyJ am here to 
make them sulk. 

Cyber Space http://james-attrition.blogspot.com/ 






Errata's Errata 

(everyone makes mistakes) 


In ~ 13 years... 

•Less than 10 redactions that I can recall 

•One security spam removed (was an "FYI I am moving companies" mail, but he understands 
how it was perceived as spam. Removed because he has a history of integrity.) 

•One sec-co article due to confusion of timeline of events. 

•Etc... 

•One article proactively removed (about Evans, after listening to him do an interview) 
•Around a dozen articles edited for clarity or with new information made available to us 
(e.g., HTBridge, Schlossberg, EC-Council, Infosec Institute, etc), typically due to email 
discussion with the party 

•One charlatan watch-list candidate removed (after sit-down at conference, extensive 
discussion, and additional review of material not originally considered) 

•Hundreds of typos and stupid grammer errors 

•Fail to meet deadlines I set for myself (e.g., "I will review that in the next few days" 
turns into weeks or months.) 


Why Errata Works? 


o O 

•As open and transparent as possible 
•Cite our sources 

•Articles are generally peer reviewed 
•Will update / retract 

•Attempt to follow ethical journalism practices 
•Nothing to gain (other than greater integrity in industry) 
•Stand up and defend our articles to the best of our ability 
•We maintain a blacklist, not a whitelist 



It Really Works! 

•Frequently feels like pissing in the wind, but sometimes effective. 

•Examples (through positive interaction): 

•Sahil Khan 
•Jayson Street 
•InfoSec Institute 
•Examples (through persistence): 

•Greg Evans (rejected from some confs, some media refuses him) 
•Christian Valor / se7en (out of industry) 

•Michelle Delio (dumped from Wired) 

•What have we accomplished? 

•Awareness 

•A sliver of sunshine in an otherwise cloudy industry 



Helping - Why Care? 

"We must fear evil men and deal with them accordingly, but 
what we must truly guard against, what we must fear most, is 
the indifference of good men." -- Boondock Saints 

•Ethical thing to do (for real) 

•Ethical thing to do (mandatory, e.g., CISSP makes you) 
•Ethical thing to do (gets you dates) [1] 

•Revenge (petty? sure, fun? absolutely.) 

•Selfish (less competition in industry ) <- for the BH crowd! 

Really, we don't care why you help, as long as your work 
is solid and well sourced. 


[1] Errata work has not resulted in a date for any attrition.org staff member. 



Helping 

•Have you reported an incident / charlatan? Why not? 

•Hidden agendas generally don't stay hidden for long. Help them 
escape! 

•No more "won't name names". Grow a pair already. Sometimes it 
can't be avoided, but not always. 

•Send us information! (but do a little leg work for us) 

•Blog, Tweet, Tumblr, whatever. Summarize our findings. Saturation 
is the key. 



Expectations 

Why errata hasn't lived up to expectations... 

Ours: 

•Community support is dismal (e.g. few volunteers, almost none stick 
around) 

•Overall, barely having an affect - most charlatans still in business 
•To do it right, takes a lot of time 

Community: 

•Want more, faster, more frequently 
•Want all the work done for them 

Why? 

•Long-term and short-term burnout (i.e. working on Errata too much) 
•Personal/Professional situations change (e.g., employer backlash) 
•Resources (e.g., limited manpower, already spread thin with family, job, 
other projects) 

•Volunteers see it is not glamorous and bail quickly 



Dreaming 

What Errata would be like if... 

•We had 13 years and 1 full time person that entire time? 3 people? 

•A real budget to fight anything, including first amendment threats? 

•More in the industry wanted to take charlatans to task? 

•More journalists covered our findings? 

•We could cover all sources: 

•Bugtraq - Vendors, HTBridge, etc. 

•Full-Disclosure - So many bad disclosures. 

•Conference Talks - e.g., 2010 ShmooCon FemToCell 
•Media - How many bad articles have you read? 

•Every company and conference used it as a resource before hiring/selecting 
•Every media outlet checked Errata before inviting charlatans on a show 



Thanks! 

(In no particular order) 

■Graphics: 

■Mar (sudux.com) - Presentation Art, Errata Graphics, More 
■Cupcake - Errata Graphics 
■Functional: 

■Lyger-Spel Checker, Admin, Sanity Checker, Sanity 
Destroyer, Designated Wrestler 
■Apacid - DNS, admin 
■Fellow Curmudgeons & Skeptics 

■Jay Dyson - fellow curmudgeon, skeptic, admin 
■Rob Rosenberger / Vmyths.com - skeptic 
■Space Rogue / HNN - skeptic 

■Former Errata Volunteers: Mcintyre, Zodiac, Quine, Sawaba, 
dsmcr, Irish, Deepquest, Flipz, Fell, Robert Winkel 


Questions? 


Expect Us! (Eventually) 

Apologies to Anonymous. 



r 

i 


